<?php
session_start();
$username = trim($_POST['username']); //通过全局数组$_POST读取前端表单name为username的表单值
$usernameReg = '/^[A-Za-z0-9]{3,10}$/';
if(!preg_match($usernameReg,$username)){
    echo "<script>alert('用户名只能由大写、小写字母、数字构成，且长度为3-10个字符！');history.back();</script>";
    exit;
}
$pw = trim($_POST['pw']);
$pwReg = "/^[A-Za-z0-9_\-*]{6,10}$/";
if(!preg_match($pwReg,$pw)){
    echo "<script>alert('密码只能由大写、小写字母、数字、_、-、*构成，且长度为6-10！');history.back();</script>";
    exit;
}
$pw = md5($pw);
include 'conn.php';
//第三步：设置sql语句
$sql = "select * from userinfo where username = '$username' and pw = '$pw'";
$result = mysqli_query($conn,$sql);
if(mysqli_num_rows($result)){
    //写入一个登录标志
    echo "<script>alert('登录成功！');location.href='index.php';</script>";
    //$_SESSION['isLogged'] = 1;
    $_SESSION['loggedUsername'] = $username;
}
else{
    echo "<script>alert('用户名或密码错误！');history.back();</script>";
    session_destroy();
}
